IT: Senior IT & Cybersecurity Architect at Nanobiosym
Nanobiosym · Cambridge, United States Of America · Onsite
- Senior
- Office in Cambridge
Location: Cambridge, MA
Company: Nanobiosym
Job Summary
Nanobiosym is an award-winning company at the forefront of nanotechnology, physics, and biomedicine. Based in Cambridge, MA and founded by an MIT/Harvard alum, we are building next-generation tech solutions for healthcare.
We are looking for a Senior IT & Cybersecurity Architect to build out and upgrade end to end IT infrastructure-from secure networks and virtualized environments to cloud security and endpoint management. This is an on-site, hands-on role for someone who can design, implement, and proactively manage a highly secure, high-performance IT environment, while working closely with executive leadership to align technology with business goals.
Job Responsibilities
- Design, implement, and manage secure, scalable networks (LAN/WAN, VLANs, VPNs, SD-WAN) and segmentation strategies.
- Deploy and maintain virtualization infrastructure (VMware, Citrix) and containerized environments (Docker, Kubernetes).
- Architect and manage Zero Trust and zero/thin client environments for secure endpoint access.
- Configure and manage firewalls, access controls, and monitoring systems to ensure 24/7 security and availability.
- Lead user and VM provisioning, device management, and endpoint security across Windows and Linux systems.
- Implement and oversee AWS cloud security, including IAM, VPCs, S3, and centralized logging.
- Conduct regular risk assessments, propose security improvements, and lead incident response when needed.
- Develop documentation (network diagrams, SOPs, access policies) and enforce compliance with standards (NIST, ISO 27001).
- Collaborate with leadership to define IT/security roadmaps, manage priorities, and communicate risks/tradeoffs.
- Evaluate and onboard vendors, tools, and services aligned with infrastructure needs.
Required Qualifications
- PhD or Master's degree in Computer Science, Information Security, Engineering, or a related field.
- 7+ years of hands-on experience in IT infrastructure, cybersecurity architecture, and systems engineering.
- Proven experience designing and managing virtualized environments (VMware, Citrix) and containerized systems (Docker, Kubernetes).
- Strong understanding of networking principles (TCP/IP, DNS, DHCP) and practical experience configuring firewalls, VLANs, VPNs, and SD-WAN.
- Hands-on expertise in implementing Zero Trust architecture, zero/thin client infrastructure, and securing air-gapped or segmented environments.
- Deep experience with user provisioning, identity and access management (IAM), and endpoint control across Windows and Linux systems.
- Proficiency in securing and operating AWS environments, including VPC design, IAM roles, encryption, and monitoring (CloudWatch, GuardDuty).
- Familiarity with infrastructure automation tools such as PowerShell, Bash, Terraform, or Ansible.
- Experience with SIEM platforms, EDR tools, and log aggregation for detection and response (e.g. Splunk, Logz.io, SentinelOne, etc.).
- Solid grasp of cybersecurity frameworks and compliance standards such as NIST CSF, ISO 27001, HIPAA, and awareness of FDA-related frameworks (e.g. IEC 62304).
- Ability to work autonomously in a high-trust environment, define best practices, and build systems from the ground up.
- Excellent documentation and communication skills, with the ability to clearly articulate technical decisions, risk tradeoffs, and system architecture to non-technical leadership (CEO, legal, operations, etc.).
- DOD Compliance and Security Clearance preferred.
Preferred Qualifications
- Certifications: CISSP, CISM, CCNP, AWS Security Specialty, or similar.
- Familiarity with scripting/automation (e.g. PowerShell, Python, Terraform, Ansible).
- Experience working in regulated industries (biotech, pharma, healthcare).
- Knowledge of compliance frameworks: NIST CSF, ISO 27001, IEC 62304, HIPAA.
- Exposure to OT, IoT, or LIMS environments is a plus.
